<?php

// 本类由系统自动生成，仅供测试用途

class InfoAction extends CommonAction {



public function index()

    {

    	$where='adm_role>'.$_SESSION[C('USER_ROLE_ID')];

    	if($where!='')$where=' where '.$where." order by adm_role ";

    	$st= M();

		import("ORG.Util.Page");

		$arr=$st->query('select count(*) a from xp_se_admin '.$where);

		$count= $arr[0]['a'];
        $this->assign('count',intval($count));
		$Page = new Page($count,8);

		$show = $Page->show();



        $rlist=$st->query('SELECT * FROM xp_se_role where rol_id>='.$_SESSION[C('USER_ROLE_ID')]);



        $this->assign('role_type',$rlist);



		$list = $st->query('SELECT * FROM xp_se_admin a LEFT JOIN xp_se_role r ON a.adm_role=r.rol_id '.$where.' limit '.$Page->firstRow.','.$Page->listRows);



		$this->assign('list',$list);

		$this->assign('page',$show);//赋值分页输出

		$this->display();//输出模板

    	

    }

    public function del()

    {

        $tip='[ <A HREF="javascript:history.back()">返 回</A> ]';

        if(is_numeric($_GET["adm_id"]))

        {

            $now_r=$_SESSION[C('USER_ROLE')];

            $opm=M('admin')->find($_GET["adm_id"]);

            if($opm==null)

            {

                $this->error("非法操作！");

            }

            if(intval($opm['adm_role'])<=$now_r)

            {

                exit('权限不足,禁止删除！'.$tip);

            }elseif($ar==$now_r)

            {

                if($_POST['adm_id']!=$_SESSION[C('USER_AUTH_KEY')])

                {

                   exit('权限不足！'.$tip);

                }

            }

            $res = M("admin")->where('adm_id='.$_GET["adm_id"])->delete(); 

            if($res>0){

                $this->success("账号删除成功!","__APP__/Admin/Info");

            }else{

                $this->error("账号删除失败！");

            }

        }

        else

        {

            $this->error("非法操作！");

        }   

    }

public function ada()

	{

		$tip='[ <A HREF="javascript:history.back()">返 回</A> ]';

		$s='保存';

		if(is_numeric($_POST['adm_role']))

    	{

			$model = D("admin");

            if(isset($_POST['adm_id']))

            {

    			$opm=$model->find($_POST['adm_id']);

    			if(!is_array($opm))exit('非法操作！'.$tip);

            }

    		$ar=intval($_POST['adm_role']);

    		$now_r=$_SESSION[C('USER_ROLE')];

    		if($ar<$now_r)

    		{
                if($ar==0)
                {
                    exit('请选择角色！'.$tip);
                }
    			exit('权限不足！'.$tip);

    		}
            elseif($ar==$now_r)

            {

                if($_POST['adm_id']!=$_SESSION[C('USER_AUTH_KEY')])

                {

                   exit('您无权将其权限提升为和您平级！'.$tip);

                }

            }

            if(!isset($_POST['adm_realname']) || $_POST['adm_realname']=='')

            {

                exit('真实姓名不能为空！'.$tip);

            }

    		$ret=false;

            if($opm['adm_role']!=$_POST['adm_role'] 
                && $_POST['adm_id']!=$_SESSION[C('USER_AUTH_KEY')])

    		$data['adm_role']=$_POST['adm_role'];

        if(isset($_POST['adm_phone']))
        {
            $data['adm_phone']=$_POST['adm_phone'];
            $data['adm_qq']=$_POST['adm_qq'];
    	}
        	if( $ar>$now_r ||($ar==$now_r && $opm['adm_id']==$_POST['adm_id']) )

                if($opm['adm_realname']!=$_POST['adm_realname'])

    			     $data['adm_realname']=$_POST['adm_realname'];



    		if(is_numeric($_POST['adm_id']))

    		{   

    			if($_POST['adm_pass']!='' && $_POST['adm_oldpass']=='')

                {

                    exit('要想更改密码，用户原始密码不能为空！'.$tip);

                } 



                if($_POST['adm_pass']==''  && $_POST['adm_oldpass']!='')

                {

                    exit('要想更改密码，用户密码不能设置为空！'.$tip);

                }

                else if($_POST['adm_oldpass']!='')

    			{

    				if($opm['adm_pass']!=m5($_POST['adm_oldpass']))

					{

						exit('用户原始密码验证失败！'.$tip);

					}

					else 

					{

						if($opm['adm_pass']!=m5($_POST['adm_pass']))

						{

							$data['adm_pass']=m5($_POST['adm_pass']);

						}

					}

    			}

                if(count($data)>0)

    			$ret=$model->where('adm_id='.$_POST['adm_id'])->setField($data);

                else

                {

                    $ret=true;

                    $s='提交';

                }

    		}

    		else

    		{



                if(count($model->where("adm_name='".$_POST['adm_name']."'")->find()))

                {

                exit('用户名不能重复！'.$tip);

                }



    			$s='写入';

    			$ret=$model->add(array(

    				'adm_name'=>$_POST['adm_name'],

    				'adm_realname'=>$_POST['adm_realname'],

    				'adm_pass'=>m5($_POST['adm_pass']),

    				'adm_role'=>$_POST['adm_role']));

    		}



    		if(false !== $ret) 

			{

    			$this->success('数据'.$s.'成功！');

            }else

            {

                exit('数据'.$s.'错误:'.$model->getLastSql()."<br/>".$tip);

            }

    	}

    	else

    	{

    		exit('提交的参数有误！'.$tip);

    	}

		

	}



}